IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting Denver, CO October 17, 2001


Page 1

IT Assurance and Reliability

Why Should You Care?

Richard Oppenheim, CPA, CITP

President, SysTrust Services Corporation

Presented to ISACA Regional Meeting

Denver, CO October 17, 2001

Page 2

Prepared by SysTrust Services Corporation

Today’s Discussion

Valuable Assets need reliable protection

Dealing with Uncertainty in Uncertain Times

Ideas for assuring control

Page 3

Valuable assets need to be reliable

Overcoming loss of resources
  Average laptops lost / day = 1,000

Identify costs to replace - Equipment and Resources Data

What is cost of Data in the hands of someone you do not control?

Page 4

Business Systems

Data is business foundation

Decision making – too much and too little

IT systems include relationships

Take inventory of what you have

Back ups internal and off site

Data, Applications, Operations, Data Networks

Documentation, Procedures manuals

Redundant operations, Hot Sites

Controls

Page 5

Reliable Systems Are Needed

More than just financial
  Data to manage business processes

Control at all levels
  Design
  Development
  Maintenance

Monitoring
  Data, Applications, Resources
  People, Paper, Procedures

Page 6

Why should you care?

7 World Trade Center

Page 7

Reliable Systems - Verification

Beneficiaries
  Board, Management, Staff
  Customers
  Bankers, Insurers, Investors
  Vendors

Goals
  Opinion for Business Continuity
  On time, On budget, On point

Page 8

Reliable Systems - Verification

Audit Goals – Now & Future
  Continuous auditing and reporting
  Understanding IT business process

Certification opportunity
  Controls determine CRITERIA
  System reliability is goal

Page 9

Reliable Systems - Assurance

Internal vs External Needs
  Need for consistency

Price vs Cost
  Spending for prevention
  Cost of recovery

Resource Access vs Disaster
  Value of assurance
  Principles of SysTrust

Page 10

SysTrust from AICPA

SysTrust is a report issued by a CPA or CA on the “Reliability” of an entity’s system.

Reliable Systems

COBIT from ISACA

IT GOVERNANCE

A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT and its processes.

Page 11

Why Get Involved With SysTrust

When there is a system failure the CEO is going to call

Structure and framework built on platform including COBIT

Can be used to help decide if/when outsourcing is appropriate

Due diligence issues

Page 12

Why is SysTrust Important

Enterprise Resource Planning (ERP)

When employees are busy, controls are put aside or forgotten

Company secrets are more vulnerable

Attacks can cripple business operations

Outsourcing is a financial alternative

Page 13

SysTrust Services Corp.

Documentation package that provides for:

Definitions of principles, criteria, and controls

Data center self assessment and description

Auditor testing, evaluation, conclusion, plan

Page 14

Disasters Happen

10 things the SME can do

Page 15

10 Things the SME can do

1 Management must be involved: executives, senior mgmt, operations, IT

2 Disaster Plan must be in writing

3 Backup data daily and move one copy offsite

4 Practice system outage recovery

5 Understand who the users of the IT system are and where they are located

Page 16

10 Things the SME can do

6 IT and business documents, manuals for operations, training, etc. must be in writing

7 Personnel must also have backups

8 Contracts for outsourced support and services need review

9 IT recovery needs

10 Obtain expert support as needed

Page 17

How / Where / When to Begin

SHORT TERM
  Start NOW
  Create procedures for tasks done regularly
  Assess value related to process

LONG TERM
  Operations redundancy / Hot site
  Risk assessment
  Continuous auditing

Page 18

Resistance to Implementation

$

Management priorities elsewhere

Lack of personnel

Lack of resources

Lack of user participation

Issues working against IT Assurance and Reliability

Page 19

IT Assurance & Reliability

Something to care about – NOW

Page 20

IT Assurance & Reliability

Richard Oppenheim, CPA, CITP

President, SysTrust Services Corporation

www.systrustservices.com


303-795-8847